1. The Field of the Invention
This invention relates to systems, methods, and computer program products for providing network listeners the ability to hand off control of network connections to a requested process in user-mode.
2. Background and Relevant Art
As an increasing number of people and institutions are implementing computerized systems, whether in a work, home, or entertainment environment, the need to share computing resources has also increased. One type of sharing environment is a distributed file system, which is generally a client/server-based application that allows clients to access and process data stored on a central server over a network, as if the server were the client's own computer. For example, several workers of a company may be allowed to electronically access certain files at a remotely located network drive from multiple personal computers. In another example, a computing system at one location might need to use the processing resources of another computer at another location to aid with a specific job.
Of course, just as sharing various files and processes over a network can provide a number of obvious advantages, the problems and disadvantages of networking are also well known. These problems range from benign architectural problems to those of intended malice. An example of a benign architectural problem is the fact that network computers have a limited number of ports, which in turn are usually only allowed to provide client components with access to a limited number of network components, such as network processes, modules, and the like. This can create a problem when a large number of client components need access to several network components through the same port.
On the other hand, well-known examples of malicious network problems include computer viruses and network intruders. Viruses are computer-executable instructions typically passed electronically from one unwitting recipient to the next that, when executed, alter or erase important system files, steal personal information, or the like. Similarly, network intruders can be a problem with networks that are open to outside connections, such as an otherwise closed work network that has a connection to the Internet. For example, a malicious person might find a way to gain electronic access to a company's network server beyond what was otherwise intended, and gain access to valuable company or employee documents found inside the network.
Accordingly, operating system security for computerized systems is increasingly important for computers on a network. Presently, there are myriad ways and processes computerized systems use to enforce security. These can generally be classified into the type of permissions in which a process or component runs, such as running in a user-mode (more limited, less control) level of control, or running in a kernel-mode (less limited, greater control) level of control. Generally, for example, if a client component and a requested network process at a network computer are communicating information in user-mode, the client component has only limited (if any) access to the network process, and only limited (if any) access to the network computer's system memory or services.
If the client component, however, connects to the network computer component through a kernel-mode driver running on the network computer, the client has much more flexibility. In particular, the client process may, in some cases, have unlimited access to the system memory, and/or to other services, processes or components at the network computer. Moreover, a kernel-mode driver listening on a network has little or no control over who will send it messages. If the kernel-mode driver is “duped” by the sender of messages, there is little or no limit to the damage the sender of messages can do. By contrast, processes running in user-mode can be limited by operating system security.
As such, user-mode and kernel-mode levels of running components can provide a number of respective advantages and disadvantages, and so are typically implemented in specific types of situations. For example, a user-mode listener, such as a component implementing HTTP requests over TCP on a network stack, operates by relaying client process data to a requested network process through any number of communication mechanisms, such as through a shared memory space, a named pipe, Remote Procedure Call (“RPC”), Distributed Component Object Model (“DCOM”), or the like. The requested process then takes the relayed client process data through the relevant communication mechanism, and likewise responds to the client process only through the relevant communication mechanism. As such, the client process and the requested network computer process never communicate directly.
In particular, since the listener operating in user-mode has only limited access to system memory, and has only limited access to other system processes or components, a malicious client process is significantly hindered from causing damage to the network computer, or accessing sensitive information. On the other hand, since the user-mode listener acts as an intermediary relay mechanism using a shared memory, named pipe, or the like, the user-mode listener can become a significant bottleneck in network communication speeds, particularly with large numbers of outside client connections, or large data transfers.
By contrast, a kernel-mode listener, such as a network driver operating in kernel-mode, writes the connection data from the client process directly to system memory, and may even dispatch control of the entire connection to the requested network process, if appropriate. In either case, the kernel-mode listener allows the network process to communicate with the client process using mechanisms that are much faster than using a shared memory space, named pipe, or the like, as with a user-mode listener. Unfortunately, because a kernel-mode listener has fairly unfettered access to the network computer system and memory, a malicious person or program could overrun the network computer memory and gain access to sensitive system files or other network processes on the network computer. Thus, a kernel-mode listener is typically avoided in many situations where the speed associated therewith could be helpful.
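The two listener models described in the preceding paragraphs, shown side by side in code as an added illustration that is not part of the patent text: a user-mode relay listener that copies every byte in both directions between the client connection and a pipe to the requested process, beside a user-mode listener that inspects the request without consuming it and then hands the connected socket descriptor itself to the requested process, after which the process and the client talk directly and the listener copies nothing. The descriptor-passing mechanism (a Unix domain socket with SCM_RIGHTS, via `socket.send_fds`/`socket.recv_fds`) is an assumption on my part, one facility that achieves such a hand-off entirely in user-mode on Linux; the patent describes no particular mechanism at this point. The request and reply bytes, the function names, the thread standing in for the requested process, and the pipe/socketpair plumbing are all constructed for the example.

```python
import os
import socket
import threading

# Constructed sample traffic (not from the patent): one HTTP request and its reply.
REQUEST = b"GET /app HTTP/1.0\r\n\r\n"
REPLY = b"HTTP/1.0 200 OK\r\nContent-Length: 2\r\n\r\nok"


def _listen_and_connect():
    """Open a loopback TCP listener, connect a client, send REQUEST, accept it."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    client = socket.create_connection(listener.getsockname())
    client.sendall(REQUEST)
    conn, _ = listener.accept()
    listener.close()
    return client, conn


def _read_to_eof(sock):
    buf = b""
    while chunk := sock.recv(4096):
        buf += chunk
    return buf


def relay_model():
    """Listener as intermediary: the requested process only ever sees a pipe,
    and the listener copies every byte in both directions."""
    client, conn = _listen_and_connect()
    to_app_r, to_app_w = os.pipe()      # listener -> requested process
    from_app_r, from_app_w = os.pipe()  # requested process -> listener
    seen = {}

    def requested_process():            # hypothetical target process (a thread here)
        seen["request"] = os.read(to_app_r, 4096)
        os.write(from_app_w, REPLY)
        os.close(from_app_w)

    t = threading.Thread(target=requested_process)
    t.start()
    copied = 0
    data = conn.recv(4096)              # client -> listener
    os.write(to_app_w, data)            # listener -> process (first copy)
    copied += len(data)
    while chunk := os.read(from_app_r, 4096):  # process -> listener
        conn.sendall(chunk)             # listener -> client (second copy)
        copied += len(chunk)
    conn.close()
    t.join()
    reply = _read_to_eof(client)
    client.close()
    for fd in (to_app_r, to_app_w, from_app_r):
        os.close(fd)
    return {"listener_copied": copied, "app_saw": seen["request"], "client_got": reply}


def handoff_model():
    """Listener peeks at the request to choose the target, then passes the
    connected socket itself (SCM_RIGHTS over a Unix socketpair). The listener
    drops its own reference and never touches the payload again."""
    client, conn = _listen_and_connect()
    lst_end, app_end = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM)
    seen = {}

    def requested_process():            # hypothetical target process (a thread here)
        tag, fds, _flags, _addr = socket.recv_fds(app_end, 64, 1)
        sock = socket.socket(fileno=fds[0])   # adopt the passed descriptor
        seen["tag"] = tag
        seen["request"] = sock.recv(4096)     # still unread: the peek did not consume it
        sock.sendall(REPLY)                   # reply goes straight to the client
        sock.close()

    t = threading.Thread(target=requested_process)
    t.start()
    head = conn.recv(4096, socket.MSG_PEEK)   # route without consuming the request
    target = b"app" if head.startswith(b"GET /app") else b"default"
    socket.send_fds(lst_end, [target], [conn.fileno()])
    conn.close()                               # in-flight descriptor copy survives this
    t.join()
    reply = _read_to_eof(client)
    client.close()
    lst_end.close()
    app_end.close()
    return {"listener_copied": 0, "route": seen["tag"],
            "app_saw": seen["request"], "client_got": reply}


if __name__ == "__main__":
    print(relay_model())
    print(handoff_model())
```

In the relay model the listener's copy count equals the size of the request plus the reply, and it stays in the data path for the life of the connection; in the hand-off model it copies nothing after routing, and the requested process still runs under ordinary user-mode permissions, which is the property the following paragraph asks for.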
Accordingly, an advantage in the art can be realized with systems, methods, and computer program products that allow a user-mode listener to facilitate communication between a client process and a requested network process without incurring the typical speed or bottleneck issues associated therewith. Furthermore, an advantage can be realized with such systems that facilitate communication between a client process and a requested network computer when appropriate, without at the same time exposing system memory or other sensitive system processes at the network computer.